Roger Marquis wrote: >> >> More bullshit. The degree to which statefulness breaks things is >> only a small fraction of the degree to which NAT breaks things. > > Can you give us an example? Is there a protocol in use in the real world > which ingress flows can be validated by a state-keeping firewall (at the > network edge) but only without NAT. When NAT breaks the ability of the endpoints to use the connection at all, whether it's authorized or not, whether the flow can be validated by a firewall is irrelevant.
Also, your notion of the "real world" is one which is deliberately broken via NAT, so of course nothing exists in your "real world" that suits your criteria. Keith
_______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
